NetIQ eDirectory 9.2 SP2 Release Notes

May 2020

NetIQ eDirectory 9.2 SP2 resolves several previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the eDirectory Community Support Forums, our community Web site that also includes product notifications, blogs, and product user groups.

For a full list of all issues resolved in NetIQ eDirectory 9.x, including all patches and service packs, refer to TID 7016794, “History of Issues Resolved in NetIQ eDirectory 9.x”.

For more information about this release and for the latest release notes, see the Documentation Web site. To download this product, see the Product Upgrade Web site.

1.0 What’s New?

eDirectory 9.2 SP2 provides the following fixes in this release:

1.1 Updates for the eDirectory Docker Containers

We are shipping a preview version of Docker Container-based deployment with eDirectory 9.2 SP2 for customers to use and provide feedback. Customers wishing to deploy in production will be supported only with a Professional Services engagement. For more information, see Deploying eDirectory Using Docker Container in the eDirectory Installation Guide.

1.2 Updates for Dependent Components

This release adds support for the following third party components:

  • OpenSSL 1.0.2u

  • OpenLDAP SDK 2.4.49

1.3 Fixed Issues

eDirectory 9.2 SP2 includes the following software fixes that resolve several previous issues:

Multiple Primary inhibit_move Obituaries on Deleted Objects Are Not Released

Fix: eDirectory has been updated to release the multiple primary inhibit_move obituaries on deleted objects as part of the ndsrepair utility. (Bug 1158220)

LDAP Search Fails with Complex Filters

Issue: Performing LDAP search with complex filters containing multiple OR conditions and paging fails with an error message. (Bug 1151712)

NOTE:Any version of eDirectory previous to 9.2 SP2 failed to display any error message on client side when criticality level was set with paged search control.

eDirectory Event System Freezes

Issue: eDirectory event processing system freezes resulting in the event disk cache file buildup in cdir folder. (Bug 1153649)

CEF Events with Line Breaks Logged as Separate Events

Issue: In the previous version of eDirectory, any CEF event with a line break was logged as a separate event. (Bug 1131400)

CEF Events Do Not Provide Any Description of the Event

Fix: A new field called msg has been added in CEF event which provides the textual description of the event. (Bug 1149927)

eDirectory CEF Loggers Do Not Support Different Log Levels and Syslog PRI Field

Fix: From this version of eDirectory, CEF loggers will use different log levels. For more information, see Configuring the CEF Property File in the eDirectory Administration Guide. With this version of eDirectory, the PRI field has been enabled in Syslog messages. (Bug 1147048)

ndsd.log Fails to Capture Log for a Disabled LDAP Proxy User

Issue: ndsd.log file does not capture any error for a disabled user who is designated as LDAP Proxy User while loading and unloading nldap. (Bug 1138310)

Partition and Server DNs Displayed in dsrepair Are shown as Corrupted Text on Windows

Issue: dsrepair displays the partition and server DNs as corrupted text on Windows.(Bug 1097368)

eDirectory Becomes Unresponsive Due to Connection Buildup

Issue: eDirectory does not respond to requests when closed connections do not get cleared from the dhost connection table.(Bug 1169280)

1.4 Supported Upgrade Paths

To upgrade to eDirectory 9.2 SP2, you need to be on eDirectory 8.8.8.x or above. For more information on upgrading eDirectory, see the NetIQ eDirectory Installation Guide.

2.0 System Requirements

For information about prerequisites, hardware requirements, and supported operating systems, see the NetIQ eDirectory Installation Guide.

3.0 Installing or Upgrading

To upgrade to eDirectory 9.2 SP2, you need to be on eDirectory 8.8.8.x or 9.x. For more information on upgrading eDirectory, see the NetIQ eDirectory Installation Guide.

4.0 Known Issues

NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.

For the list of the known issues in eDirectory 9.1, refer to the Known Issues section in the respective release notes.

4.1 eDirectory Users Are Unable to Change Password when Tree Key Is of Type DES

Issue: If there is a DES tree key in the server, some users may not be able to change passwords. This happens due to passwords being protected with DES tree key and the FIPS being enabled (n4u.server.fips_tls=1) in the nds.conf file.

Workaround: Perform the following steps to workaround the issue:

  1. Disable FIPS mode on your eDirectory server by setting n4u.server.fips_tls to 0.

  2. Generate a new 3DES tree key using SDIdiag 2.7.0 using the command SD -G.

    NOTE:To install SDIdiag 2.7.0, you must install eDirectory 8.8.8 P11 on a new machine and then install SDIdiag 2.7.0 on the same machine.

  3. Re-encrypt the passwords using the Diagpwd utility.

  4. Enable FIPS mode on the eDirectory server by setting n4u.server.fips_tls to 1.

  5. Now you must be able to change user’s password successfully. For more information, see TID 7024695.

5.0 Additional Documentation

5.1 iManager

For iManager information, refer to the iManager online documentation.

5.2 Novell International Cryptographic Infrastructure (NICI)

The NICI Administration Guide is included in the eDirectory documentation page.

5.3 eDirectory Issues on Open Enterprise Server (UNIX only)

For more information on eDirectory issues on Open Enterprise Server (OES), see OES Readme.

6.0 Legal Notices

For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see

Copyright © 2020 NetIQ Corporation, a Micro Focus company. All Rights Reserved.